Oval Definition:oval:org.opensuse.security:def:52672
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_13 fixes several issues.

The following security issues were fixed:

- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bsc#1110233). - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bsc#1107832).
Family:unixClass:patch
Status:Reference(s):1107832
1110233
1153108
1156317
1157770
904519
912076
912929
913678
915328
915329
931972
931973
931974
CVE-2004-0801
CVE-2007-3999
CVE-2010-3170
CVE-2010-4267
CVE-2011-2697
CVE-2011-2722
CVE-2011-3389
CVE-2011-3640
CVE-2012-2369
CVE-2013-0743
CVE-2013-0791
CVE-2013-1620
CVE-2013-1739
CVE-2013-1740
CVE-2013-4325
CVE-2013-5605
CVE-2013-6402
CVE-2013-6427
CVE-2014-1492
CVE-2014-1568
CVE-2014-2977
CVE-2014-2978
CVE-2014-3686
CVE-2014-4910
CVE-2014-9495
CVE-2015-0210
CVE-2015-0797
CVE-2015-0839
CVE-2015-0973
CVE-2015-1038
CVE-2015-1196
CVE-2015-1395
CVE-2015-1396
CVE-2015-1863
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-4141
CVE-2015-4142
CVE-2015-4143
CVE-2015-5130
CVE-2015-5310
CVE-2015-8041
CVE-2016-2335
CVE-2016-6252
CVE-2016-9957
CVE-2016-9958
CVE-2016-9959
CVE-2016-9960
CVE-2016-9961
CVE-2017-12424
CVE-2018-14633
CVE-2018-17182
CVE-2018-7169
CVE-2019-10220
CVE-2019-15239
SUSE-SU-2015:1019-1
SUSE-SU-2015:1264-1
SUSE-SU-2018:3331-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • bind-libs-9.9.4P2-0.6 is installed
  • OR bind-libs-32bit-9.9.4P2-0.6 is installed
  • OR bind-utils-9.9.4P2-0.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND gd-2.0.36.RC1-52.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • glibc-2.11.3-17.87 is installed
  • OR glibc-32bit-2.11.3-17.87 is installed
  • OR glibc-devel-2.11.3-17.87 is installed
  • OR glibc-devel-32bit-2.11.3-17.87 is installed
  • OR glibc-i18ndata-2.11.3-17.87 is installed
  • OR glibc-locale-2.11.3-17.87 is installed
  • OR glibc-locale-32bit-2.11.3-17.87 is installed
  • OR nscd-2.11.3-17.87 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libfreebl3-3.16.4-5 is installed
  • OR libfreebl3-32bit-3.16.4-5 is installed
  • OR libsoftokn3-3.16.4-5 is installed
  • OR libsoftokn3-32bit-3.16.4-5 is installed
  • OR mozilla-nss-3.16.4-5 is installed
  • OR mozilla-nss-32bit-3.16.4-5 is installed
  • OR mozilla-nss-certs-3.16.4-5 is installed
  • OR mozilla-nss-certs-32bit-3.16.4-5 is installed
  • OR mozilla-nss-tools-3.16.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-bad-0.10.23-17 is installed
  • OR gstreamer-0_10-plugins-bad-lang-0.10.23-17 is installed
  • OR libgstbasecamerabinsrc-0_10-23-0.10.23-17 is installed
  • OR libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-17 is installed
  • OR libgstbasevideo-0_10-23-0.10.23-17 is installed
  • OR libgstbasevideo-0_10-23-32bit-0.10.23-17 is installed
  • OR libgstcodecparsers-0_10-23-0.10.23-17 is installed
  • OR libgstphotography-0_10-23-0.10.23-17 is installed
  • OR libgstphotography-0_10-23-32bit-0.10.23-17 is installed
  • OR libgstsignalprocessor-0_10-23-0.10.23-17 is installed
  • OR libgstsignalprocessor-0_10-23-32bit-0.10.23-17 is installed
  • OR libgstvdp-0_10-23-0.10.23-17 is installed
  • OR libgstvdp-0_10-23-32bit-0.10.23-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND libgme0-0.6.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • hplip-3.16.11-1 is installed
  • OR hplip-hpijs-3.16.11-1 is installed
  • OR hplip-sane-3.16.11-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_13-default-4-2 is installed
  • OR kernel-livepatch-SLE15_Update_3-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND cifs-utils-6.4-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_63-default-9-2 is installed
  • OR kgraft-patch-3_12_74-60_64_63-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_22-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libmpfr4-3.1.2-7 is installed
  • OR libmpfr4-32bit-3.1.2-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libecpg6-10.5-1.3 is installed
  • OR libpq5-10.5-1.3 is installed
  • OR libpq5-32bit-10.5-1.3 is installed
  • OR postgresql-init-10-17.20 is installed
  • OR postgresql10-10.5-1.3 is installed
  • OR postgresql10-contrib-10.5-1.3 is installed
  • OR postgresql10-docs-10.5-1.3 is installed
  • OR postgresql10-libs-10.5-1.3 is installed
  • OR postgresql10-server-10.5-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • krb5-1.12.5-40.31 is installed
  • OR krb5-32bit-1.12.5-40.31 is installed
  • OR krb5-client-1.12.5-40.31 is installed
  • OR krb5-doc-1.12.5-40.31 is installed
  • OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed
  • OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed
  • OR krb5-server-1.12.5-40.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_92-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_113-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_30-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gdk-pixbuf-2.34.0-19.17 is installed
  • OR gdk-pixbuf-lang-2.34.0-19.17 is installed
  • OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed
  • OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed
  • OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed
  • OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed
  • OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND clamav-0.100.2-33.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-rails-html-sanitizer-1.0.2-7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.21 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.21 is installed
  • OR python-2.7.13-28.21 is installed
  • OR python-32bit-2.7.13-28.21 is installed
  • OR python-base-2.7.13-28.21 is installed
  • OR python-base-32bit-2.7.13-28.21 is installed
  • OR python-curses-2.7.13-28.21 is installed
  • OR python-demo-2.7.13-28.21 is installed
  • OR python-doc-2.7.13-28.21 is installed
  • OR python-doc-pdf-2.7.13-28.21 is installed
  • OR python-gdbm-2.7.13-28.21 is installed
  • OR python-idle-2.7.13-28.21 is installed
  • OR python-tk-2.7.13-28.21 is installed
  • OR python-xml-2.7.13-28.21 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • xen-4.9.4_04-3.56 is installed
  • OR xen-doc-html-4.9.4_04-3.56 is installed
  • OR xen-libs-4.9.4_04-3.56 is installed
  • OR xen-libs-32bit-4.9.4_04-3.56 is installed
  • OR xen-tools-4.9.4_04-3.56 is installed
  • OR xen-tools-domU-4.9.4_04-3.56 is installed
    • BACK